#!/bin/bash

# 企业微信H5应用部署测试脚本
# 用于验证部署是否成功

echo "=== 企业微信H5应用部署测试 ==="

# 颜色定义
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# 测试函数
test_service() {
    local service_name=$1
    local description=$2
    
    echo -n "测试 $description... "
    
    if systemctl is-active --quiet $service_name; then
        echo -e "${GREEN}✓ 运行中${NC}"
        return 0
    else
        echo -e "${RED}✗ 未运行${NC}"
        return 1
    fi
}

test_port() {
    local port=$1
    local description=$2
    
    echo -n "测试端口 $port ($description)... "
    
    if netstat -tuln | grep -q ":$port "; then
        echo -e "${GREEN}✓ 监听中${NC}"
        return 0
    else
        echo -e "${RED}✗ 未监听${NC}"
        return 1
    fi
}

test_url() {
    local url=$1
    local description=$2
    local expected_status=${3:-200}
    
    echo -n "测试 $description ($url)... "
    
    local status=$(curl -s -o /dev/null -w "%{http_code}" "$url" --connect-timeout 10)
    
    if [ "$status" = "$expected_status" ]; then
        echo -e "${GREEN}✓ 状态码: $status${NC}"
        return 0
    else
        echo -e "${RED}✗ 状态码: $status (期望: $expected_status)${NC}"
        return 1
    fi
}

test_ssl() {
    local domain=$1
    
    echo -n "测试SSL证书 ($domain)... "
    
    if echo | openssl s_client -servername $domain -connect $domain:443 2>/dev/null | openssl x509 -noout -dates 2>/dev/null; then
        echo -e "${GREEN}✓ SSL证书有效${NC}"
        return 0
    else
        echo -e "${RED}✗ SSL证书无效${NC}"
        return 1
    fi
}

# 配置变量（请根据实际情况修改）
DOMAIN="your-domain.com"
API_PORT="6724"
WEB_PORT="80"
HTTPS_PORT="443"

echo "开始部署测试..."
echo

# 1. 测试系统服务
echo "1. 系统服务测试"
test_service "nginx" "Nginx服务"
test_service "refund-service" "退费服务"
echo

# 2. 测试端口监听
echo "2. 端口监听测试"
test_port $API_PORT "API服务"
test_port $WEB_PORT "HTTP服务"
test_port $HTTPS_PORT "HTTPS服务"
echo

# 3. 测试HTTP访问
echo "3. HTTP访问测试"
test_url "http://localhost:$API_PORT/api/health" "API健康检查"
test_url "http://localhost/api/health" "Nginx代理API"
test_url "http://localhost/" "前端页面"
echo

# 4. 测试HTTPS访问
echo "4. HTTPS访问测试"
if [ "$DOMAIN" != "your-domain.com" ]; then
    test_ssl "$DOMAIN"
    test_url "https://$DOMAIN/api/health" "HTTPS API访问"
    test_url "https://$DOMAIN/" "HTTPS前端访问"
else
    echo -e "${YELLOW}跳过HTTPS测试 (请配置实际域名)${NC}"
fi
echo

# 5. 测试企业微信相关接口
echo "5. 企业微信接口测试"
if [ "$DOMAIN" != "your-domain.com" ]; then
    test_url "https://$DOMAIN/api/Auth/wechat-jsapi-config" "企业微信JS-SDK配置" "400"
    test_url "https://$DOMAIN/api/Auth/wechat-login" "企业微信登录接口" "400"
else
    test_url "http://localhost:$API_PORT/api/Auth/wechat-jsapi-config" "企业微信JS-SDK配置" "400"
    test_url "http://localhost:$API_PORT/api/Auth/wechat-login" "企业微信登录接口" "400"
fi
echo

# 6. 测试文件权限
echo "6. 文件权限测试"
echo -n "测试应用目录权限... "
if [ -r "/var/www/refund-app" ] && [ -x "/var/www/refund-app" ]; then
    echo -e "${GREEN}✓ 权限正确${NC}"
else
    echo -e "${RED}✗ 权限错误${NC}"
fi

echo -n "测试日志目录权限... "
if [ -w "/var/log/refund-app" ]; then
    echo -e "${GREEN}✓ 可写${NC}"
else
    echo -e "${RED}✗ 不可写${NC}"
fi
echo

# 7. 测试配置文件
echo "7. 配置文件测试"
echo -n "测试Nginx配置... "
if nginx -t 2>/dev/null; then
    echo -e "${GREEN}✓ 配置正确${NC}"
else
    echo -e "${RED}✗ 配置错误${NC}"
fi

echo -n "测试应用配置... "
if [ -f "/var/www/refund-app/appsettings.json" ]; then
    echo -e "${GREEN}✓ 配置文件存在${NC}"
else
    echo -e "${RED}✗ 配置文件不存在${NC}"
fi
echo

# 8. 测试防火墙
echo "8. 防火墙测试"
echo -n "测试防火墙状态... "
if ufw status | grep -q "Status: active"; then
    echo -e "${GREEN}✓ 防火墙已启用${NC}"
    
    echo "开放的端口:"
    ufw status | grep ALLOW | while read line; do
        echo "  - $line"
    done
else
    echo -e "${YELLOW}! 防火墙未启用${NC}"
fi
echo

# 9. 测试监控
echo "9. 监控测试"
if [ -f "/usr/local/bin/monitor-refund-app.sh" ]; then
    echo -e "${GREEN}✓ 监控脚本已安装${NC}"
else
    echo -e "${YELLOW}! 监控脚本未安装${NC}"
fi

if crontab -l 2>/dev/null | grep -q "monitor-refund-app"; then
    echo -e "${GREEN}✓ 监控定时任务已配置${NC}"
else
    echo -e "${YELLOW}! 监控定时任务未配置${NC}"
fi
echo

# 10. 测试备份
echo "10. 备份测试"
if [ -f "/usr/local/bin/backup-refund-app.sh" ]; then
    echo -e "${GREEN}✓ 备份脚本已安装${NC}"
else
    echo -e "${YELLOW}! 备份脚本未安装${NC}"
fi

if crontab -l 2>/dev/null | grep -q "backup-refund-app"; then
    echo -e "${GREEN}✓ 备份定时任务已配置${NC}"
else
    echo -e "${YELLOW}! 备份定时任务未配置${NC}"
fi
echo

echo "=== 测试完成 ==="
echo
echo "如果发现问题，请检查："
echo "1. 服务日志: journalctl -u refund-service -f"
echo "2. Nginx日志: tail -f /var/log/nginx/error.log"
echo "3. 应用日志: tail -f /var/log/refund-app/app.log"
echo "4. 系统资源: htop 或 free -h"
echo
echo "企业微信配置检查："
echo "1. 确认 appsettings.json 中的企业微信配置正确"
echo "2. 确认域名已在企业微信应用中配置为可信域名"
echo "3. 确认企业微信应用的回调URL设置正确"
echo "4. 确认SSL证书有效且域名匹配"